IBM Support

IT34553: WITH NIST TRANSITION COMPLIANCE ENABLED, SSH ECDSA-SHA2-NISTP256 KEY OF LENGTH 256 IS NOT SUPPORTED ON 6.0.3.0

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Unable to check-in ecdsa-sha2-nistp256 Known Host
Key into B2B Integrator when NIST.800-131a=transition is set in
security.properties. When trying to do so, the following
error is seen "Key is Not NIST 800-131a compliant."

Below logs
are printed in ui.log,

[2020-10-13 06:34:54.998] DEBUG
[UpdateSFTPKeys] Key is Not NIST 800-131a compliant.
[Keyname,KeyLength] = [test,256]
[2020-10-13 06:34:54.998]
DEBUG Invalid CHECK-IN: error.KeyNotNISTComplPrefix
[2020-10-13
06:34:54.998] DEBUG [UpdateSFTPKeys]
com.sterlingcommerce.woodst
ock.ui.SFTPKeysEditor@6d11bde3
[2020-10-13 06:34:54.998] DEBUG
ServletBase [setNoCache] - HTTP/1.1
[2020-10-13 06:34:54.998]
DEBUG [gotoPage] page input: 'page.wizard.multipart?securetoken=
1602584985315node010wa24sb0fp4tssmjj8amu4l110' page: '/jsp/wizmu
ltipart.jsp?securetoken=1602584985315node010wa24sb0fp4tssmjj8amu
4l110'
[2020-10-13 06:34:54.998] DEBUG CHECKING CONTEXT:
-342347127
[2020-10-13 06:34:54.998] DEBUG

Local fix

  • B2BISFG-54299

Problem summary

  • Users Affected:

All

Problem Description:

Unable to import ecdsa-sha2-nistp256 Known Host Key
into B2Bi when NIST.800-131a=transition is set in
security.properties. When trying to do so the following
error occurs  "Key is Not NIST 800-131a compliant."



Platforms Affected:

All Platforms

Problem conclusion

  •  Resolution Summary:
A code fix is provided.
The NIST validity check for the Transition mode ecdsa
keys is corrected. The issue was specific for checkin of ecdsa
known host key and that's  rectified with the fix.



Delivered in:

6000303

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IT34553
    • 

  • Reported component name
    STR B2B INTEGRA
    • 

  • Reported component ID
    5725D0600
    • 

  • Reported release
    603
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2020-10-15
    • 

  • Closed date
    2020-11-11
    • 

  • Last modified date
    2020-11-13
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    STR B2B INTEGRA
    • 

  • Fixed component ID
    5725D0600
    • 



Applicable component levels


    








      
              
                            

              

              [{"Line of Business":{"code":"LOB59","label":"Sustainability Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"603"}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            16 November 2020
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback